Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2007-4743

USN-511-1 fixed vulnerabilities in krb5 and librpcsecgss. The fixes were incomplete, and only reduced the scope of the vulnerability, without fully solving it. This update fixes the problem.

Original advisory details:

Source

7 September 2007

krb5, librpcsecgss vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 7.04
Ubuntu 6.10
Ubuntu 6.06 LTS

Software Description

krb5
librpcsecgss

Details

USN-511-1 fixed vulnerabilities in krb5 and librpcsecgss. The fixes were incomplete, and only reduced the scope of the vulnerability, without fully solving it. This update fixes the problem.

Original advisory details:

It was discovered that the libraries handling RPCSEC_GSS did not correctly validate the size of certain packet structures. An unauthenticated remote user could send a specially crafted request and execute arbitrary code with root privileges.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 7.04: libkadm55 - 1.4.4-5ubuntu3.3; librpcsecgss3 - 0.14-2ubuntu1.2
Ubuntu 6.10: libkadm55 - 1.4.3-9ubuntu1.5; librpcsecgss2 - 0.13-2ubuntu0.2
Ubuntu 6.06 LTS: libkadm55 - 1.4.3-5ubuntu0.6; librpcsecgss1 - 0.7-0ubuntu1.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system upgrade is sufficient to affect the necessary changes.

References

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

krb5, librpcsecgss vulnerability

krb5, librpcsecgss vulnerability

Software Description

Details

Update instructions

References

Vulmon Search

About

Products

Connect